footmassage.xadsteam.com Open in urlscan Pro
52.87.116.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://footmassage.xadsteam.com/
Submission: On August 04 via api (August 4th 2024, 7:09:40 pm UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 74 HTTP transactions. The main IP is 52.87.116.109, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is footmassage.xadsteam.com.
TLS certificate: Issued by SSL.com SSL Intermediate CA ECC R2 on July 28th 2024. Valid for: 3 months.

This is the only time footmassage.xadsteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	52.87.116.109 52.87.116.109	14618 (AMAZON-AES) (AMAZON-AES)
39	2600:9000:276... 2600:9000:2761:a000:11:4a51:5340:93a1	16509 (AMAZON-02) (AMAZON-02)
19	2606:4700::68... 2606:4700::6812:15d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.21.175.127 52.21.175.127	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
5	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	151.101.195.1 151.101.195.1	54113 (FASTLY) (FASTLY)
74	9

5 52.87.116.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-116-109.compute-1.amazonaws.com

footmassage.xadsteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2600:9000:2761:a000:11:4a51:5340:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.shopnow.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700::6812:15d3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.fantaskycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.175.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-175-127.compute-1.amazonaws.com

apie.shopnow.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.195.1 (San Francisco, United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	shopnow.us cdn.shopnow.us apie.shopnow.us	616 KB
19	fantaskycdn.com img.fantaskycdn.com — Cisco Umbrella Rank: 111836	2 MB
6	paypal.com www.paypal.com — Cisco Umbrella Rank: 3677 t.paypal.com — Cisco Umbrella Rank: 4582	90 KB
5	xadsteam.com footmassage.xadsteam.com	40 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 3281	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	102 KB
74	7

	Domain	Requested by
39	cdn.shopnow.us	footmassage.xadsteam.com cdn.shopnow.us
19	img.fantaskycdn.com	footmassage.xadsteam.com
5	www.paypal.com	cdn.shopnow.us www.paypal.com
5	footmassage.xadsteam.com	cdn.shopnow.us
2	apie.shopnow.us	cdn.shopnow.us
1	t.paypal.com	footmassage.xadsteam.com
1	www.paypalobjects.com	footmassage.xadsteam.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	cdn.shopnow.us
74	9

This site contains links to these domains. Also see Links.

Domain
xor.inc

Subject Issuer	Validity	Valid
footmassage.xadsteam.com SSL.com SSL Intermediate CA ECC R2	`2024-07-28` - `2024-11-09`	3 months	crt.sh
shopnow.us Amazon RSA 2048 M02	`2024-04-29` - `2025-05-28`	a year	crt.sh
fantaskycdn.com WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-06-21` - `2025-06-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://footmassage.xadsteam.com/
Frame ID: 64334B4F1E101875103E40A1E0380DA3
Requests: 70 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_3387652f57_mtk6mdk6mzy&buttonSize=large&customerId=&clientID=Ab_vz3i_xHR0DKE-xHdHojd-R6J-RNYT3yk0xAXJnxXCkXLlU-5qbRQbjj6zzx3NADDNMP55-uotpP9b&clientMetadataID=uid_384f053dba_mtk6mdk6mzy&commit=true&components.0=buttons&currency=USD&debug=false&disableSetCookie=true&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&intent=capture&locale.lang=en&locale.country=US&hasShippingCallback=false&platform=desktop&renderedButtons.0=paypal&sessionID=uid_384f053dba_mtk6mdk6mzy&sdkCorrelationID=f523602dcdb01&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJfdnozaV94SFIwREtFLXhIZEhvamQtUjZKLVJOWVQzeWsweEFYSm54WENrWExsVS01cWJSUWJqajZ6engzTkFERE5NUDU1LXVvdHBQOWImbG9jYWxlPWVuX1VTIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoicmVhY3QtcGF5cGFsLWpzIiwiZGF0YS11aWQiOiJ1aWRfZmhidnRkeG51eWt1bmZidHhyaHRxa2tzdWNvZ2p4In19&sdkVersion=5.0.453&storageID=uid_19c2bb7c3e_mtk6mdk6mzy&supportedNativeBrowser=false&supportsPopups=true&vault=false
Frame ID: 22B43C1617EFC774F8AB13159BF252FF
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: DD5B349C9DCB8D8EE3F265838B40DDAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XADSTEAM - EMS Pulse Electric Foot Massager

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

74
Requests

100 %
HTTPS

44 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

3109 kB
Transfer

4913 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://xor.inc/vi/
Title: XOR, XOR vietnam

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
footmassage.xadsteam.com/ 528 KB
27 KB 1580ms
116ms Document
text/html 52.87.116.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://footmassage.xadsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-116-109.compute-1.amazonaws.com
Software: nginx / Next.js
Resource Hash: 63eebc9bf4195632c608f4bb2d0fc43308a5f8e616d0e870b0708f958a2eb1c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: s-maxage=60, stale-while-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 19:09:36 GMT
etag: "nevp45q5z1bl1b"
server: nginx
vary: Accept-Encoding
x-nextjs-cache: STALE
x-powered-by: Next.js

GET
H2 200 9b3fc42cb0d605f5.css
cdn.shopnow.us/landing/_next/static/css/ 3 KB
2 KB 80ms
9ms Stylesheet
text/css 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/css/9b3fc42cb0d605f5.css

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

81238941af336f8eb3b505d08fade8c9511d9a8047ef127632a237fb5fb05a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:11:39 GMT
x-amz-version-id: 7jk36CVwEMqHNBuomak5vVwHVdrw9xeo
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 118678
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"4871ffcb9d1e8527b5b85c4ba5507184"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
x-amz-cf-id: G85yEtq4mkIgpxp2oDESRWpjjWoNARcI70LGln0YSoJWGRtIAU3LjA==

GET
H2 200 33196edf9e1191e7.css
cdn.shopnow.us/landing/_next/static/css/ 52 KB
9 KB 79ms
8ms Stylesheet
text/css 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/css/33196edf9e1191e7.css

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ee127d48b4b7aa5e7aa29123f8e23e60d569a39494d5be69b5162ab1aa683bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:47 GMT
x-amz-version-id: GbnLEpDMYIkwV0yBmPO67Kp8D_ZI2mC5
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"12cd934b3f883fd0fabf3b7fe1d07830"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
x-amz-cf-id: vzOGLDOBf01p0FLCnncDTgzcn2XbnWNfenLmaa7aCQvRQKvaxnVRdw==

GET
H2 200 webpack-34ca3dfd4b610ca2.js Show response
cdn.shopnow.us/landing/_next/static/chunks/ 5 KB
3 KB 84ms
15ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/webpack-34ca3dfd4b610ca2.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

480667875b3a2641d41fd844eb0a1f0b3b737b2b9ac178e6e71e0cf403219c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:11:39 GMT
x-amz-version-id: ikcvkd2DBdb1RT2mnaGFoFNaHBvmvMql
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 118678
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"ff1b322af4533889063590c2a05b2787"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: O3Q_OpHWiERJ-T8sXvQSfMdUqB8QRuQeVZtBmdfWECp0mL03W_yZwQ==

GET
H2 200 framework-2c79e2a64abdb08b.js Show response
cdn.shopnow.us/landing/_next/static/chunks/ 138 KB
43 KB 85ms
17ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/framework-2c79e2a64abdb08b.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:11:39 GMT
x-amz-version-id: 1.jUp7TbFbwkkAJjVvSc8fwoMtXBGG7_
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 118678
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"7fc4bed6b4319c62343f0bf5db91a5bb"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: DE62c7qOCGiHZRW4i3LzQ6gKS8KeiCkAQt2U7UDilfP9-SGRtFfVRQ==

GET
H2 200 main-9a72db714f5fe4c1.js Show response
cdn.shopnow.us/landing/_next/static/chunks/ 88 KB
26 KB 78ms
10ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

db1df2a3942ce6e667f64eee2bb9f20ece8cd4ad895e35b984bae4ebf6259307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:11:39 GMT
x-amz-version-id: 1QE4PHaJ7438dJDELUX6hUeqjUuXnDI3
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 118678
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"5334a009271a874096ea47082704e937"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: TT8n8BJiM7c7tyV88nvObZDehvsnJw-qLBXEcADaCVFY9q8TBAUMQA==

GET
H2 200 _app-eb1cda602dcc3ac4.js Show response
cdn.shopnow.us/landing/_next/static/chunks/pages/ 204 KB
57 KB 14ms
14ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/pages/_app-eb1cda602dcc3ac4.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0a62fa332592b53d9580a4e68751ea71ff55dda0d4feedcf87baac933010788a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:11:39 GMT
x-amz-version-id: c8cvDfrOlZdR8hq6RZ5i_9GnfGFq.3q6
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 118678
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"e6849b8849c6fd94eead7ad4c3d8643a"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: hAqXzGLb7Y2Nkt-BXfyIemo_tGlmM4R5DzTGRerJAcYlNpfQqwrTXQ==

GET
H2 200 922-63be89322e38531d.js Show response
cdn.shopnow.us/landing/_next/static/chunks/ 29 KB
10 KB 17ms
16ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/922-63be89322e38531d.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b853253679e6179a96019a0baba0093568a6063b2e8b71538a0818dc6c32bf39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:47 GMT
x-amz-version-id: gcr8a5G.bGHSeZgJc27EbEWSwd1Qzvg_
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"2d576e8605989d98025f232fd71b1914"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: zolRExIiC27rHdbHV48RwSK8RLRE_3iXJmrYQbiW11GQYgy9TcwCpQ==

GET
H2 200 253-cef7e2da862fc7c3.js Show response
cdn.shopnow.us/landing/_next/static/chunks/ 24 KB
8 KB 17ms
17ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/253-cef7e2da862fc7c3.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

45033fcbc26062ba5295f72d13c203abeef97ec69598ff658684908a831a741d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:47 GMT
x-amz-version-id: I8cmne7T1UpO1lzwFQJBIOg5hACQmTnQ
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"ce6a43f36bf167de6407bb8a33d23e10"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: r_8JiUrFfyc1RyuDGfBBbmeMaz9x0Egr1Q-bM2LXIsnWuVSl7BXESA==

GET
H2 200 238-f803bd8b2129461e.js Show response
cdn.shopnow.us/landing/_next/static/chunks/ 20 KB
8 KB 18ms
17ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/238-f803bd8b2129461e.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9ef455aeb6cf0f68e73c85dae42fa4ca553050980ef019d3646125d16eb89a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:47 GMT
x-amz-version-id: eG3Rks7IIihV3KW6keZhWSAm1qm1y3zh
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"834aa4f002d6bb1c2b78e2149321eabe"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: ldhbvb0Zdq9m-9_7LfIXCvbcsM1jc0MqEKYyc4LQdWuLeWj_KLJaGQ==

GET
H2 200 21-4084055a8abf900a.js Show response
cdn.shopnow.us/landing/_next/static/chunks/ 10 KB
4 KB 18ms
17ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/21-4084055a8abf900a.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

19a1d76d60c9475920dddbb52136644e97addff18a96fe2beefac6953954a4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:47 GMT
x-amz-version-id: wqwdKkfbl5Fbr9bf1iv26JtjatDDj0X5
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"3786cda9bf569dc20b9095858c8bd669"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: kMGnWaZySW5DeR1j9I1MftznUnuTB7XWcj4y1zGg63vtO_DSWXUutw==

GET
H2 200 158-f665049541317bec.js Show response
cdn.shopnow.us/landing/_next/static/chunks/ 101 KB
32 KB 17ms
17ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/158-f665049541317bec.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a012e87a9a805de51fce391c277ed48b24f745160445148b9a8ddac6d4ec33ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:47 GMT
x-amz-version-id: O7d5pd4wlBM69TYbbrDqqOWdlmdJ_fXg
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"051e741f51b23be60533c33e74c02395"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: zgy2tiOD6--0s30MdbiTSxItB1zt3LZI1YPD7OJuSmO0MeRw0uW8yg==

GET
H2 200 310-952bdb9f5fbeed43.js Show response
cdn.shopnow.us/landing/_next/static/chunks/ 12 KB
4 KB 22ms
22ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/310-952bdb9f5fbeed43.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9188ec83ea78ce8c8aefde2af0513e841db6341b27c5ffad5ca955782045ce6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:47 GMT
x-amz-version-id: w43zfeNkoG3E0Ugh6cCEzWhpV47krFhK
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"6747760116c334792ffbf494ddb97f40"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: HbOVPZZEwvf68yQkGA_d-ZFi9jcRulQXiIrwwCDpzjPSyrZC-mOJqw==

GET
H2 200 %5Bhost%5D-a8787ef6a1b3d60a.js Show response
cdn.shopnow.us/landing/_next/static/chunks/pages/ 106 KB
19 KB 22ms
22ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/pages/%5Bhost%5D-a8787ef6a1b3d60a.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a9a95e990d325a9d141ff2c473a66daffcc5595c4afcd8bf5bf2335dd2ca81ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:47 GMT
x-amz-version-id: Eq8hAj729JC7XX0_HY.YG7l2ydnw9En1
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"cf018953cc0fb917013bd463d917cf37"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: cFGrDsTFOzOP2mYs3qKCbui3VOJzyVKDVzwaxXgplzRS6dA9KYutxw==

GET
H2 200 _buildManifest.js Show response
cdn.shopnow.us/landing/_next/static/DVjnOG3KGKZ77KQCZI_GW/ 1 KB
1 KB 21ms
21ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/DVjnOG3KGKZ77KQCZI_GW/_buildManifest.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4b9da7c68a5beb3d468c11f11c4b7b6333f3122869e038daffd782e04c5ca56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:11:40 GMT
x-amz-version-id: V.xcqsBcgOgRM2SKvTzIR_WQb02zpl67
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 118677
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"36c24cd447df0ad1239d23a8ed9b8bd2"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: LgOd-nSJG6YO4XlK_PaAhF0gZL2J4ygIDl8FRcvfn-koTwLx5ZPVdw==

GET
H2 200 _ssgManifest.js Show response
cdn.shopnow.us/landing/_next/static/DVjnOG3KGKZ77KQCZI_GW/ 94 B
649 B 21ms
21ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/DVjnOG3KGKZ77KQCZI_GW/_ssgManifest.js

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c60f6b81dbd46b2cf6f90b54880be1f7a5d50eea75324e3ac7f20c88a0b3a83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 12:20:58 GMT
x-amz-version-id: _xidsqJ3G1qubWMBRfycsmEtndybLTHx
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 110919
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 94
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: "ad787a3f95b7be90b8dc0e435bb113c2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: rwff-OdcJpwsWevy9PO_ejPMO1BKEODydKMsTch422Qb49IyyQgBpg==

GET
H2 200 06ca9135-4fd8-4d9a-9db7-de1815c22746.png
cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/ 11 KB
12 KB 86ms
16ms Image
image/png 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/06ca9135-4fd8-4d9a-9db7-de1815c22746.png

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

34b44551be55e5dd01c8610b0c15d1d05685053c8dd5f7f1b53b21aeffeadffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 02:30:35 GMT
x-amz-version-id: xel_pJgXAu.bErnCd4t_rWTfbm6TfxKd
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 664742
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11230
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 28 Jul 2024 02:13:31 GMT
server: AmazonS3
etag: "9d3fdbe939d586652255b086c6996507"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: FXO90BXasiG1_yhrPFnLRgA2wNWFbPtxft5JjmAUz6RkkIWQepvngw==

GET
H3 200 d4d3ed5fa370acdbfe91a2937b442373_540.png
img.fantaskycdn.com/ 8 KB
8 KB 92ms
61ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/d4d3ed5fa370acdbfe91a2937b442373_540.png

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

aafba887f5282fff955da0ee12086473cfeb0df540666a8bbff3250cad988ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11514236
cf-polished: origFmt=png, origSize=10058
x-powered-by: ASP.NET
content-disposition: inline; filename="d4d3ed5fa370acdbfe91a2937b442373_540.webp"
request-id: b3edd4e4-4cb0-45a9-930b-5806fb84bc73
alt-svc: h3=":443"; ma=86400
content-length: 8208
x-xss-protection: 1; mode=block
x-request-id: b3edd4e4-4cb0-45a9-930b-5806fb84bc73
cf-bgj: imgq:100,h2pri
last-modified: Fri, 22 Mar 2024 12:23:42 GMT
server: cloudflare
x-download-options: noopen
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd2b9bb8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 1ab338ca7e29fc69c4eaab9413a2b3d2.gif
img.fantaskycdn.com/ 4 KB
4 KB 62ms
33ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/1ab338ca7e29fc69c4eaab9413a2b3d2.gif

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3d5dd7dd9fcf0f69c2340a91e01e3c58e17b09e295da64378b32488f5ce524f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12453942
cf-polished: origFmt=gif, origSize=4878
x-powered-by: ASP.NET
content-disposition: inline; filename="1ab338ca7e29fc69c4eaab9413a2b3d2.webp"
request-id: b82793e6-311c-492b-b607-e01cfe7cfae6
alt-svc: h3=":443"; ma=86400
content-length: 3970
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 11 Mar 2024 18:55:09 GMT
server: cloudflare
x-download-options: noopen
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd2b98b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 ff6a7dc03156f7d609334dd17d3a8fd4_1024.png
img.fantaskycdn.com/ 2 KB
2 KB 89ms
61ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/ff6a7dc03156f7d609334dd17d3a8fd4_1024.png

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f521047966f95404ab99e617c041b8b05d67eb69f35cbfa7c41f198407dbc27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 225053
cf-polished: origFmt=png, origSize=1905
x-powered-by: ASP.NET
content-disposition: inline; filename="ff6a7dc03156f7d609334dd17d3a8fd4_1024.webp"
request-id: ccb99fc5-91c2-44c9-8df0-2b7c5f6268c8
alt-svc: h3=":443"; ma=86400
content-length: 1692
x-xss-protection: 1; mode=block
x-request-id: ccb99fc5-91c2-44c9-8df0-2b7c5f6268c8
cf-bgj: imgq:100,h2pri
last-modified: Thu, 06 Jun 2024 05:45:36 GMT
server: cloudflare
x-download-options: noopen
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd2b99b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 e773f03560a4c6657b6b6b376e49a7df_540.jpeg
img.fantaskycdn.com/ 43 KB
44 KB 74ms
45ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/e773f03560a4c6657b6b6b376e49a7df_540.jpeg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

07272720346f726e390358fb3f3c5fc19e0d162ad03b4e29ba61470fb459e7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86156
x-powered-by: ASP.NET
content-disposition: inline; filename="e773f03560a4c6657b6b6b376e49a7df.webp"
request-id: 13c8fdba-6991-451b-9b35-8ace2cefc24d
alt-svc: h3=":443"; ma=86400
content-length: 44396
x-xss-protection: 1; mode=block
x-request-id: 13c8fdba-6991-451b-9b35-8ace2cefc24d
last-modified: Thu, 25 Jul 2024 01:42:35 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd2b96b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 1b59d8205cdd2e88816d9cc480e78e10_360.jpg
img.fantaskycdn.com/ 11 KB
11 KB 62ms
34ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/1b59d8205cdd2e88816d9cc480e78e10_360.jpg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ac617b895f62f1a8611427d9973e371358f52e4c10158a38f016d340759861f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86156
x-powered-by: ASP.NET
content-disposition: inline; filename="1b59d8205cdd2e88816d9cc480e78e10.webp"
request-id: 4ac54cf6-ce78-4bad-b67c-da4c43ea58b9
alt-svc: h3=":443"; ma=86400
content-length: 11274
x-xss-protection: 1; mode=block
x-request-id: 4ac54cf6-ce78-4bad-b67c-da4c43ea58b9
last-modified: Sat, 06 Jul 2024 06:34:20 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd2b95b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 b2ff4f3783a77b5899a8733e2a9249f7_360.jpg
img.fantaskycdn.com/ 6 KB
6 KB 59ms
33ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/b2ff4f3783a77b5899a8733e2a9249f7_360.jpg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f0baef142dca374b32fd910adec94e8615ebb6c12df41d1fe7b151e584231d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86156
x-powered-by: ASP.NET
content-disposition: inline; filename="b2ff4f3783a77b5899a8733e2a9249f7.webp"
request-id: 80a00d0c-bdfd-4767-abe0-3a166ff964c8
alt-svc: h3=":443"; ma=86400
content-length: 5818
x-xss-protection: 1; mode=block
x-request-id: 80a00d0c-bdfd-4767-abe0-3a166ff964c8
last-modified: Thu, 25 Jul 2024 01:42:42 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd2b94b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 00a28a9d57621409f49bd8586adce096_540.jpeg
img.fantaskycdn.com/ 34 KB
35 KB 35ms
34ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/00a28a9d57621409f49bd8586adce096_540.jpeg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

196d255d4cb63482ececfab69b41f60bccda6c5968ee9754bfa978f68dade954

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86155
x-powered-by: ASP.NET
content-disposition: inline; filename="00a28a9d57621409f49bd8586adce096.webp"
request-id: e8dabc35-7e96-45ce-b2b9-91de6c007350
alt-svc: h3=":443"; ma=86400
content-length: 35186
x-xss-protection: 1; mode=block
x-request-id: e8dabc35-7e96-45ce-b2b9-91de6c007350
last-modified: Sat, 25 May 2024 06:46:54 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6bddb8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 1452e298c79d511dddf907788a524010_180.png
img.fantaskycdn.com/ 67 KB
67 KB 40ms
39ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/1452e298c79d511dddf907788a524010_180.png

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d745789482228dbab11cddf48dfb82c12c852bda1f5b1bd595bca4d2437b50c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86155
cf-polished: origFmt=png, origSize=168746
x-powered-by: ASP.NET
content-disposition: inline; filename="1452e298c79d511dddf907788a524010_180.webp"
request-id: 167d82fe-6700-4d5d-bcd2-d615ec9d9cd9
alt-svc: h3=":443"; ma=86400
content-length: 68314
x-xss-protection: 1; mode=block
x-request-id: 167d82fe-6700-4d5d-bcd2-d615ec9d9cd9
cf-bgj: imgq:100,h2pri
last-modified: Fri, 02 Aug 2024 20:10:40 GMT
server: cloudflare
x-download-options: noopen
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6be0b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 24b28197f5713c1b05b7ad2e262aec42_180.png
img.fantaskycdn.com/ 71 KB
72 KB 59ms
58ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/24b28197f5713c1b05b7ad2e262aec42_180.png

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

853f8abcca7b3f17014e2157b9536225fbc9cf02cdb5dd2474091173343b42c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86155
cf-polished: origFmt=png, origSize=180803
x-powered-by: ASP.NET
content-disposition: inline; filename="24b28197f5713c1b05b7ad2e262aec42_180.webp"
request-id: 64d604f3-6da6-42a2-b523-c9cb605688f9
alt-svc: h3=":443"; ma=86400
content-length: 72842
x-xss-protection: 1; mode=block
x-request-id: 64d604f3-6da6-42a2-b523-c9cb605688f9
cf-bgj: imgq:100,h2pri
last-modified: Tue, 23 Jul 2024 06:02:59 GMT
server: cloudflare
x-download-options: noopen
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6be2b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 7de6e942977300b06cb0a14d413a0637_180.png
img.fantaskycdn.com/ 62 KB
62 KB 63ms
62ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/7de6e942977300b06cb0a14d413a0637_180.png

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3a7192640495cf7235f7b0fb036334594b2d069c0050ce51834bd3895ed5a44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86155
cf-polished: origFmt=png, origSize=154901
x-powered-by: ASP.NET
content-disposition: inline; filename="7de6e942977300b06cb0a14d413a0637_180.webp"
request-id: a3c3c813-177f-460e-b425-30dd4d199183
alt-svc: h3=":443"; ma=86400
content-length: 63210
x-xss-protection: 1; mode=block
x-request-id: a3c3c813-177f-460e-b425-30dd4d199183
cf-bgj: imgq:100,h2pri
last-modified: Fri, 02 Aug 2024 20:26:13 GMT
server: cloudflare
x-download-options: noopen
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6be6b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 68e635fe306e0c1cb76644a13f165c8c_540.jpeg
img.fantaskycdn.com/ 23 KB
23 KB 63ms
63ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/68e635fe306e0c1cb76644a13f165c8c_540.jpeg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a8f508f93d81f66b3875668c748dbea432971d61a7c4066d6874eb1699fc12e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86155
x-powered-by: ASP.NET
content-disposition: inline; filename="68e635fe306e0c1cb76644a13f165c8c.webp"
request-id: 2261a1f0-2a0f-469e-baf3-497b06a8bbbb
alt-svc: h3=":443"; ma=86400
content-length: 23608
x-xss-protection: 1; mode=block
x-request-id: 2261a1f0-2a0f-469e-baf3-497b06a8bbbb
last-modified: Thu, 25 Jul 2024 01:43:36 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6be9b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 fb085cf46f43add0de050ea60a1d4995.gif
img.fantaskycdn.com/ 2 MB
2 MB 64ms
64ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/fb085cf46f43add0de050ea60a1d4995.gif

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

97eaa18ff367cd3df4e573a03a3a5c3eb01bdc438b5fab9e151add60ec0ebbcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86155
cf-polished: origFmt=gif, origSize=3790448
x-powered-by: ASP.NET
content-disposition: inline; filename="fb085cf46f43add0de050ea60a1d4995.webp"
request-id: 852d6c1b-ec8b-4783-bb5b-ebe539f65a3a
alt-svc: h3=":443"; ma=86400
content-length: 1729220
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 25 Jul 2024 10:19:34 GMT
server: cloudflare
x-download-options: noopen
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6becb8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 11f503e80920d7be63bd4137f729e3a4_540.jpeg
img.fantaskycdn.com/ 37 KB
38 KB 115ms
115ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/11f503e80920d7be63bd4137f729e3a4_540.jpeg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8727828c0c9d5797029df20a75c6acc0aaa38132818851b5c92579544a02ca70

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86155
x-powered-by: ASP.NET
content-disposition: inline; filename="11f503e80920d7be63bd4137f729e3a4.webp"
request-id: 1d35f14d-0c5f-4752-9eaf-68026380e8e4
alt-svc: h3=":443"; ma=86400
content-length: 38290
x-xss-protection: 1; mode=block
x-request-id: 1d35f14d-0c5f-4752-9eaf-68026380e8e4
last-modified: Thu, 06 Jun 2024 07:30:00 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6bedb8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 bf9d4b75818a5d8a32b1aa42ca7ab8e4.gif
img.fantaskycdn.com/ 77 KB
77 KB 117ms
117ms Image
image/gif 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/bf9d4b75818a5d8a32b1aa42ca7ab8e4.gif

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2e7d4e86bde2d32bc010897839e59e0c70a8fad6d8b0946857ab1d213def7766

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12442646
cf-polished: origSize=81317, status=webp_bigger
x-powered-by: ASP.NET
request-id: d431edb1-920d-49b1-9885-a649d6b59dfa
alt-svc: h3=":443"; ma=86400
content-length: 78588
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Mar 2024 22:37:41 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6befb8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 30ed8fe51e19abcfc9ffb73c09839b25.png
img.fantaskycdn.com/ 12 KB
13 KB 119ms
118ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/30ed8fe51e19abcfc9ffb73c09839b25.png

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c2e72c9f8c8a15d4b64c091b12172aee8b6daaf3514fb416b09e38cd1cf97acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 224419
cf-polished: origFmt=png, origSize=13934
x-powered-by: ASP.NET
content-disposition: inline; filename="30ed8fe51e19abcfc9ffb73c09839b25.webp"
request-id: bd9b164f-2ca4-431d-a398-6ca7a193d004
alt-svc: h3=":443"; ma=86400
content-length: 12488
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 05 Jun 2024 19:27:03 GMT
server: cloudflare
x-download-options: noopen
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6bf1b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 fbb4db043f811b8f3c7ab23e9b09abaf.jpeg
img.fantaskycdn.com/ 62 KB
62 KB 121ms
120ms Image
image/jpeg 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/fbb4db043f811b8f3c7ab23e9b09abaf.jpeg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf4ef9a6a912b0440b77360e0f69264088ece032ebda4a12616f4726622ece6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1427447
cf-polished: status=not_needed
x-powered-by: ASP.NET
request-id: e73c9215-44f3-41ba-be5d-164f3be9d6ec
alt-svc: h3=":443"; ma=86400
content-length: 63279
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 03 Jul 2024 14:33:58 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6bf2b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 0c79b622632edaecb8c29e38f518d558_540.png
img.fantaskycdn.com/ 24 KB
24 KB 122ms
121ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/0c79b622632edaecb8c29e38f518d558_540.png

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0ec3792a448642943391b88e8a7e898f2c02ecdf7eb33978647e117d63db767a

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 224429
cf-polished: origFmt=png, origSize=26352
x-powered-by: ASP.NET
content-disposition: inline; filename="0c79b622632edaecb8c29e38f518d558_540.webp"
request-id: 85a8f555-404e-4331-88e9-29f85ba293b7
alt-svc: h3=":443"; ma=86400
content-length: 24198
x-xss-protection: 1; mode=block
x-request-id: 85a8f555-404e-4331-88e9-29f85ba293b7
cf-bgj: imgq:100,h2pri
last-modified: Sun, 16 Jun 2024 06:42:27 GMT
server: cloudflare
x-download-options: noopen
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6bf3b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 2cd836a17ea59ff816b25f687706b33d.png
img.fantaskycdn.com/ 11 KB
11 KB 122ms
122ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/2cd836a17ea59ff816b25f687706b33d.png

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

048e5edcd387a4ed0d411b224bba3e50f98aab6e20b31d34a71e10bca5dccfe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3242714
cf-polished: origFmt=png, origSize=14068
x-powered-by: ASP.NET
content-disposition: inline; filename="2cd836a17ea59ff816b25f687706b33d.webp"
request-id: 579d0f45-874e-4f96-a39d-5b602d9ea7c7
alt-svc: h3=":443"; ma=86400
content-length: 11142
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 05 Jun 2024 17:46:57 GMT
server: cloudflare
x-download-options: noopen
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6bf6b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H3 200 e4789e0a47ac4e6a3f231583babd4ec5.png
img.fantaskycdn.com/ 8 KB
9 KB 123ms
123ms Image
image/webp 2606:4700::6812:15d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.fantaskycdn.com/e4789e0a47ac4e6a3f231583babd4ec5.png

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:15d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

96b60d904e0ed06b27fbb383b5e37fa7037453c58147d681cbb5924100807a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1485109
cf-polished: origFmt=png, origSize=11126
x-powered-by: ASP.NET
content-disposition: inline; filename="e4789e0a47ac4e6a3f231583babd4ec5.webp"
request-id: a06249c3-249f-46a9-b155-f4b884c49aa0
alt-svc: h3=":443"; ma=86400
content-length: 8500
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 10 Jul 2024 22:07:29 GMT
server: cloudflare
x-download-options: noopen
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8ae0d7bd6bf7b8f1-AMS
expires: Tue, 05 Aug 2025 01:09:36 GMT

GET
H2 200 bag-black.fbe6ad85.svg
cdn.shopnow.us/landing/_next/static/media/ 720 B
1 KB 13ms
8ms Image
image/svg+xml 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/landing/_next/static/media/bag-black.fbe6ad85.svg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b03b758514c0de525b7336f51852fb23ef4ac4bec7051384ddec6fe6560cba07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 11:26:59 GMT
x-amz-version-id: QS2yA5DgGmNrdlrl5cBdxQyb1TeKO4RQ
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 114158
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 720
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:11 GMT
server: AmazonS3
etag: "8db1faec8cf0809ee89ea01fa039c945"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: jdvOcFd8MGntrKLOlgima-Mz_Xnwva31M9ckAA_QjI7hSh08fmJ-rg==

GET
H2 200 time-black.f511a839.svg
cdn.shopnow.us/landing/_next/static/media/ 789 B
1 KB 12ms
6ms Image
image/svg+xml 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/landing/_next/static/media/time-black.f511a839.svg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

27b76160431be74d9df8b1c389b4d6fe3fcffca9869386650e6ea9e9bb7b96b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 11:26:59 GMT
x-amz-version-id: aXYEbrNl6i8vi3rdO2tpv36NiRszTSTj
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 114158
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 789
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:11 GMT
server: AmazonS3
etag: "c1e8c682c06b86d851d991c6dccea395"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: ITDYIPkixHPtb_W4Xu_1EromDingrfGzlfc9xGIz4Kb527JLKun3QQ==

GET
H2 200 cart-white.eabede84.svg
cdn.shopnow.us/landing/_next/static/media/ 1 KB
1 KB 11ms
6ms Image
image/svg+xml 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/landing/_next/static/media/cart-white.eabede84.svg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

34a3abbdf4c5eb0154aaa8f0360f08d711fd07325167c78c9056b91dcc2ad752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:49 GMT
x-amz-version-id: bPENJe6r23Zlv5x5jrmGX6JWomkMN6os
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:11 GMT
server: AmazonS3
etag: W/"28e9e35f5ca7352963ed87b5410a4563"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: ATjbwKqMfsDQtuoYDTIYbs9uKUVozFPzm15u7YtxeRel17Xb38n98g==

GET
H2 200 creditcard-white.4a5ac823.svg
cdn.shopnow.us/landing/_next/static/media/ 868 B
1 KB 13ms
8ms Image
image/svg+xml 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/landing/_next/static/media/creditcard-white.4a5ac823.svg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

560c1f66f6dd073130ee5bdb3315df177b6f2127cf6a9227286faf4e4e2806c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:49 GMT
x-amz-version-id: J8O3wM0O9wnUZOGrZBY1VRR.jNNpVJ_Q
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 868
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:11 GMT
server: AmazonS3
etag: "1c06eb6318ed81fcd3d10f5b9a50ec96"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 62fRpMT8KtfLaVKhm7o9-c8QHHxzwaOzpsvswxP2y5jxDJ_yPCtTDQ==

GET
H2 200 safe-checkout.60f7203e.png
cdn.shopnow.us/landing/_next/static/media/ 27 KB
27 KB 15ms
10ms Image
image/png 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/landing/_next/static/media/safe-checkout.60f7203e.png

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e7d1b041c75c1356235e6a0079c1800f2eb5af838b01a6311b3e45f6039762a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:49 GMT
x-amz-version-id: tYHKxcYYj4hT9Lw.oQYKo1N_7r2toXah
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27146
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:11 GMT
server: AmazonS3
etag: "03e2ca4bc621f76dc201b5432b43170c"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: aWHuESZddHSByCz4aRnEFErgPkvXmNX39UMzFtp5k8ETzarAgsZ4hw==

GET
H2 200 213.ae04e16c1aa64d3a.js Show response
cdn.shopnow.us/landing/_next/static/chunks/ 18 KB
7 KB 8ms
8ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/213.ae04e16c1aa64d3a.js

Requested by

Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/webpack-34ca3dfd4b610ca2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8897300fe697970474eb1705824c495be01adc7357f9207644d8ddf5a391d2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:50 GMT
x-amz-version-id: imGJ438wrPMWjNkEGEFKerZVrdP9.Smv
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"d0520036e0af5b9443e72e0674cca94f"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: A_irGu6vjUfeddTl7wK4EXATHNpAVcXyNZ3TN3hfKfKAxswe5rzPNA==

HEAD
H2 200 index.json
footmassage.xadsteam.com/_next/data/DVjnOG3KGKZ77KQCZI_GW/ 0
0 104ms
103ms Fetch
application/json 52.87.116.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://footmassage.xadsteam.com/_next/data/DVjnOG3KGKZ77KQCZI_GW/index.json?host=footmassage.xadsteam.com
Requested by: Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-116-109.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

x-nextjs-data: 1
Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
x-nextjs-matched-path: /[host]
server: nginx
etag: "4p5ra8tmb55h7x"
vary: Accept-Encoding
content-type: application/json
x-nextjs-cache: STALE
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-rewrite: /footmassage.xadsteam.com?host=footmassage.xadsteam.com
content-length: 255648

OPTIONS
H2 200 event
apie.shopnow.us/api/v1/public/ Frame 0
0 336ms
94ms Preflight 52.21.175.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apie.shopnow.us/api/v1/public/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.175.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-175-127.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://footmassage.xadsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, Authorization, Origin
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
access-control-allow-origin: https://footmassage.xadsteam.com
access-control-expose-headers: X-Api-Version
access-control-max-age: 3600
content-length: 0
date: Sun, 04 Aug 2024 19:09:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
102 KB 55ms
27ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ESMTRJTQBP

Requested by

Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ba192b848cd5a2057341b0072c66ef3831a0f376e04a8a40122f2ba12010ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Aug 2024 19:09:36 GMT

POST
H2 200 event Show response
apie.shopnow.us/api/v1/public/ 29 B
746 B 94ms
93ms XHR
application/json 52.21.175.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apie.shopnow.us/api/v1/public/event

Requested by

Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/pages/_app-eb1cda602dcc3ac4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.175.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-175-127.compute-1.amazonaws.com

Software

Resource Hash

464c1b7f6a2664cd53791e3281866a1bbed88652e762314d5397adeebf8ec32e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-api-version: 1.2.23
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: application/json
access-control-allow-origin: https://footmassage.xadsteam.com
access-control-expose-headers: X-Api-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-frame-options: DENY
access-control-allow-headers: Content-Type, Accept, X-Requested-With, Authorization, Origin
expires: 0

GET
H2 200 js Show response
www.paypal.com/sdk/ 304 KB
84 KB 465ms
427ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=Ab_vz3i_xHR0DKE-xHdHojd-R6J-RNYT3yk0xAXJnxXCkXLlU-5qbRQbjj6zzx3NADDNMP55-uotpP9b&locale=en_US

Requested by

Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/21-4084055a8abf900a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fc76c3780b6e03b74e34a73d24a3c9e19070b10c6d8f5e7faf7100e22d82291b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-iq3c0J8vKw5Y3PTXTR1ikM9VdiBc47r6ozFUXU9Sj1wPU24g' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-iq3c0J8vKw5Y3PTXTR1ikM9VdiBc47r6ozFUXU9Sj1wPU24g' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-iq3c0J8vKw5Y3PTXTR1ikM9VdiBc47r6ozFUXU9Sj1wPU24g' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-iq3c0J8vKw5Y3PTXTR1ikM9VdiBc47r6ozFUXU9Sj1wPU24g' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Sun, 04 Aug 2024 19:09:36 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f684373d5e0cf
server-timing: "traceparent;desc="00-0000000000000000000f684373d5e0cf-f9e45f240e09d6be-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 84083
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220149-FRA, cache-fra-etou8220149-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f684373d5e0cf-1453cfe3a160a769-01
x-timer: S1722798576.417281,VS0,VE420
etag: W/"14873-z2A8YTR8PSSG27/4Ogxx/cd6zuA"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 3664cc26-45c6-4edb-addc-f19f60b75c37.webp
cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/ 46 KB
47 KB 10ms
9ms Image
image/webp 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/3664cc26-45c6-4edb-addc-f19f60b75c37.webp

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

100b394b4d7f8a33cbc69d2254550cbfd0069d3f369ac5e942bc72f807f9228d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 02:24:44 GMT
x-amz-version-id: 0QH_JZ8KDz7E8wP21k8jXzoRPgbmJcV7
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 665092
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 47382
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 28 Jul 2024 02:02:34 GMT
server: AmazonS3
etag: "20df12031051eac2f07511983c620f2b"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
accept-ranges: bytes
x-amz-cf-id: 9svyip-KQN50WHL924OlN9zydzN5RG-rrFKVUkMn_Z0yoSXxwWc1jg==

GET
H2 200 ac6bc08f-6e1b-4dfb-b67e-1b0bcb7e0db5.webp
cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/ 56 KB
56 KB 11ms
11ms Image
image/webp 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/ac6bc08f-6e1b-4dfb-b67e-1b0bcb7e0db5.webp

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

34bce1959ba6c9c0dff38f6e20f0b62d53aba408bd4174318bd803e0ee52bcae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 02:27:43 GMT
x-amz-version-id: 8Br.wfJ9ZISDrDsfX2u5vc84tGVW9cfU
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 664914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 57040
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 28 Jul 2024 02:02:35 GMT
server: AmazonS3
etag: "c8d31b25450222b1a45370f62a5f392d"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
accept-ranges: bytes
x-amz-cf-id: Iah8MhPF703fA36Yc42UItfU5Uq70DQbILia2AJKGQj-IDlFo2zK1g==

GET
H2 200 13fc8879-59ac-48b0-8d36-29a5289ca156.webp
cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/ 65 KB
66 KB 19ms
18ms Image
image/webp 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/13fc8879-59ac-48b0-8d36-29a5289ca156.webp

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ffadfe5d1483d671a1b825ee1fe030fd5e7ebaaf652fdefb8f43f7e0dcc38423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 02:27:43 GMT
x-amz-version-id: FOY74rs6HpAL.ds8QkRX0LVwhvZG7hBO
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 664914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 66580
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 28 Jul 2024 02:02:37 GMT
server: AmazonS3
etag: "e73cb296da6dd018f11e5cf9c63357c3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
accept-ranges: bytes
x-amz-cf-id: Rlatq0qwXpHinutn9shUTafsnMeypKo2tTQoLuQWN-4S9v7-mASEXQ==

GET
H2 200 9eba9edc-babb-4eb5-9c8a-14213aaf7b5f.webp
cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/ 19 KB
20 KB 18ms
17ms Image
image/webp 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/9eba9edc-babb-4eb5-9c8a-14213aaf7b5f.webp

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ab02fb94335072f56fef643236284709e423a88a6819061bbc6a1cb76e273b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:31:22 GMT
x-amz-version-id: gRVDDg4OA4Lof9ux.A6XHiCJC9tHAm.N
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 513495
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19484
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 28 Jul 2024 02:02:37 GMT
server: AmazonS3
etag: "062d0e18e179c89b4af60d3c40e8e5bb"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
accept-ranges: bytes
x-amz-cf-id: gP4cJzm3Jn16eHokfRba-kJfqqcOoase5P4KgbmdsNUahFj-LWAZnQ==

GET
H2 200 769da844-0af3-45b7-b6a3-778cd12c89a4.webp
cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/ 28 KB
29 KB 19ms
19ms Image
image/webp 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/769da844-0af3-45b7-b6a3-778cd12c89a4.webp

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

edf21ac00ec5187db4593e281ec9daaf2259a53d0a331bb7676316b420469ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 02:27:43 GMT
x-amz-version-id: 4G.KpNNLVZWydn20bU9woVbtvoWN46YZ
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 664914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28636
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 28 Jul 2024 02:02:37 GMT
server: AmazonS3
etag: "d480cbe77874d3b8826c5d3ac43657ab"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
accept-ranges: bytes
x-amz-cf-id: 3YBdwUYGMa3Th3WDulSWVRzSOviwrnmfH_PKINqqf3pGyFGtt2Yq1g==

GET
H2 200 427177c3-792a-4c66-bf17-bc3e55920202.webp
cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/ 17 KB
18 KB 20ms
20ms Image
image/webp 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/427177c3-792a-4c66-bf17-bc3e55920202.webp

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

16c196dad8877888ef61ca44051274a424d092dababe930f8ffbdcc422035420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:31:22 GMT
x-amz-version-id: 0TTKXgSPO6peuUtMg2IllaEN9m_G8uRj
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 513495
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17902
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 28 Jul 2024 02:02:37 GMT
server: AmazonS3
etag: "a3e8e21e964cc47cb3c6693daa451c9b"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
accept-ranges: bytes
x-amz-cf-id: WgsqHPG6NPPPc5cEADxxPx6DAiw6eYzVtPnzunKpHWnPvv9VylfZNQ==

GET
H2 200 0ce9500d-4cb4-4b4c-aca8-2c2d0fb11dc9.webp
cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/ 77 KB
77 KB 21ms
20ms Image
image/webp 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/0ce9500d-4cb4-4b4c-aca8-2c2d0fb11dc9.webp

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dd0351e5e156365cb99bd68a8634563bf1d4dac711092171030522cc08360926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 02:27:43 GMT
x-amz-version-id: UmC_via59jTM33mviOFJVTyLiGehV7RE
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 664914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 78522
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 28 Jul 2024 02:02:37 GMT
server: AmazonS3
etag: "5ba995b41dfb5a276f1ce8911c9dc144"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
accept-ranges: bytes
x-amz-cf-id: Q6WjlJYULXmW-UmJKGjtG71MWODfSDmqQxoK3kmvUDB7BTOzm9i6vg==

GET
H2 200 chevron_left.46c2b4a2.svg
cdn.shopnow.us/landing/_next/static/media/ 150 B
701 B 22ms
22ms Image
image/svg+xml 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/landing/_next/static/media/chevron_left.46c2b4a2.svg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a7d379d31dd517198d442430c50220ff290cc36b50d76ad3864e2c41891146ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:50 GMT
x-amz-version-id: pShaHRcM_Q05kx8GbGRLC3QFZh4PYlIb
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 150
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:11 GMT
server: AmazonS3
etag: "4f77fda335dce9c03af8b9e1e5d28324"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: OUICg3bnwn16uKp9xNIHFI5U4wouqlBnzj01e2MrwzR35Cu3-wR-7Q==

GET
H2 200 chevron_right.d7dc3daf.svg
cdn.shopnow.us/landing/_next/static/media/ 149 B
699 B 23ms
23ms Image
image/svg+xml 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopnow.us/landing/_next/static/media/chevron_right.d7dc3daf.svg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

07d63c63474652bf552370826d756bfca0e8d9e7dfef5af3b315ec443f44f31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:50 GMT
x-amz-version-id: eU15lcrHN69m9ISPPy1HahBjKussttBC
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 149
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:11 GMT
server: AmazonS3
etag: "5e765e3a1e6bfc6527a39ceeeeb3259e"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 16GDz3GnPtFJ5dVzjxOtfhTi6dPwUJqmhV8RphqqByJOoS_NAkKsjg==

GET
H2 200 index.json Show response
footmassage.xadsteam.com/_next/data/DVjnOG3KGKZ77KQCZI_GW/ 250 KB
13 KB 108ms
106ms Fetch
application/json 52.87.116.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://footmassage.xadsteam.com/_next/data/DVjnOG3KGKZ77KQCZI_GW/index.json
Requested by: Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-116-109.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6a5cad874b926efc48b9775568c15288abd21ccdc4839e35292bf05db16d1160

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://footmassage.xadsteam.com/
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
x-nextjs-matched-path: /[host]
content-encoding: gzip
server: nginx
etag: "4p5ra8tmb55h7x"
vary: Accept-Encoding
content-type: application/json
x-nextjs-cache: HIT
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-rewrite: /footmassage.xadsteam.com

GET
H2 200 track.json Show response
footmassage.xadsteam.com/_next/data/DVjnOG3KGKZ77KQCZI_GW/ 2 B
68 B 360ms
358ms Fetch 52.87.116.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://footmassage.xadsteam.com/_next/data/DVjnOG3KGKZ77KQCZI_GW/track.json
Requested by: Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-116-109.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://footmassage.xadsteam.com/
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
x-middleware-skip: 1
server: nginx

GET
H2 200 contact.json Show response
footmassage.xadsteam.com/_next/data/DVjnOG3KGKZ77KQCZI_GW/ 2 B
68 B 108ms
106ms Fetch 52.87.116.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://footmassage.xadsteam.com/_next/data/DVjnOG3KGKZ77KQCZI_GW/contact.json
Requested by: Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-116-109.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://footmassage.xadsteam.com/
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
x-middleware-skip: 1
server: nginx

GET
H2 200 33196edf9e1191e7.css Show response
cdn.shopnow.us/landing/_next/static/css/ 52 KB
556 B 22ms
8ms Fetch
text/css 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/css/33196edf9e1191e7.css

Requested by

Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ee127d48b4b7aa5e7aa29123f8e23e60d569a39494d5be69b5162ab1aa683bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:47 GMT
x-amz-version-id: GbnLEpDMYIkwV0yBmPO67Kp8D_ZI2mC5
via: 1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P8
age: 117110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"12cd934b3f883fd0fabf3b7fe1d07830"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: vQFmKtfBJXWqTi68RmBt39rpv73mw5_UqB4gqKvlDRyCJnaX1L4RLA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 47ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ESMTRJTQBP&gtm=45je47v0v9116704377za200&_p=1722798576379&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1481883368.1722798577&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2F&sid=1722798576&sct=1&seg=0&dl=https%3A%2F%2Ffootmassage.xadsteam.com%2F&dt=XADSTEAM%20-%20EMS%20Pulse%20Electric%20Foot%20Massager&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1987
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ESMTRJTQBP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 19:09:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://footmassage.xadsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 contact-0ecbda7c0ad6f023.js
cdn.shopnow.us/landing/_next/static/chunks/pages/ 0
5 KB 8ms
7ms Other
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/pages/contact-0ecbda7c0ad6f023.js

Requested by

Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:50 GMT
x-amz-version-id: dNsbqGrjgkhfLWJZfRQDHyGXM_FbweCr
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"c0b686b0d7888b20824632a5da136ce6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: tEa89aAZ483u2PpFeybppcR2mY_an2nMe_3MGAr1oLpG5qfgYElXuA==

GET
H2 200 contact-0ecbda7c0ad6f023.js Show response
cdn.shopnow.us/landing/_next/static/chunks/pages/ 15 KB
0 1ms
1ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/pages/contact-0ecbda7c0ad6f023.js

Requested by

Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32720653d5ef94a8d3e880204d20a355ed277397b439f205cd27f8ad3f330575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:50 GMT
x-amz-version-id: dNsbqGrjgkhfLWJZfRQDHyGXM_FbweCr
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 117107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"c0b686b0d7888b20824632a5da136ce6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: tEa89aAZ483u2PpFeybppcR2mY_an2nMe_3MGAr1oLpG5qfgYElXuA==

GET
H2 200 1173e99efc82bdbb.css Show response
cdn.shopnow.us/landing/_next/static/css/ 5 KB
2 KB 10ms
8ms Fetch
text/css 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/css/1173e99efc82bdbb.css

Requested by

Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a4862c2e56568021b5eba81a96fc8df79b5a2a212b8e0b9b58a5bbdff61f69d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:55 GMT
x-amz-version-id: 8.f59LZY0UQHzRgwqFhwvsTk9Sm_2k87
content-encoding: br
x-content-type-options: nosniff
via: 1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117102
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"784f8be3ee48600897208e2d98d24507"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: wZ1O4BQ3iixg8Gx35z39Ya3iQcAtAxxLyMsePpvG6q9EHom9n5JGaw==

GET
H2 200 track-2a4f3b878a637553.js
cdn.shopnow.us/landing/_next/static/chunks/pages/ 0
4 KB 8ms
8ms Other
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/pages/track-2a4f3b878a637553.js

Requested by

Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:50 GMT
x-amz-version-id: ZhlHsxSLrFS6zGBttbHEUdY093qJUHqD
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"3c2c57de6a1e81b257df012f214678da"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: IiT4XOAhNWr-dWm_VGZZyTAbg_U6ryMWjttuVk9QMV9GbHyaH-Shag==

GET
H2 200 track-2a4f3b878a637553.js Show response
cdn.shopnow.us/landing/_next/static/chunks/pages/ 12 KB
0 0ms
0ms Script
application/javascript 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/chunks/pages/track-2a4f3b878a637553.js

Requested by

Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b190696df4c19c9238ce7c3e09129ffeaf203ea6ae64443d6f9edc6be6c32c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:50 GMT
x-amz-version-id: ZhlHsxSLrFS6zGBttbHEUdY093qJUHqD
content-encoding: br
x-content-type-options: nosniff
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 117107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:10 GMT
server: AmazonS3
etag: W/"3c2c57de6a1e81b257df012f214678da"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: IiT4XOAhNWr-dWm_VGZZyTAbg_U6ryMWjttuVk9QMV9GbHyaH-Shag==

GET
H2 200 c44c8a1345ca821a.css Show response
cdn.shopnow.us/landing/_next/static/css/ 4 KB
2 KB 9ms
8ms Fetch
text/css 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/landing/_next/static/css/c44c8a1345ca821a.css

Requested by

Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f5c113a9d6fad4fa0c5cf3dd3af79ac4e9bafcb57e5dee3f783a97b321390f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:37:55 GMT
x-amz-version-id: bvKM5E3xZ_oRY_tgXBl4vFP54QXYFXND
content-encoding: br
x-content-type-options: nosniff
via: 1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 117102
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 03 Aug 2024 10:04:11 GMT
server: AmazonS3
etag: W/"df2d3535e25df37b3e75a8bff3e77454"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: ZlXgP4x6_S2cU28Maeq0Lmu0MQ6DIQhlKSSaAq7_WudEptcVJrcejA==

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 290ms
290ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=footmassage.xadsteam.com&t=xo&v=5.0.453&source=payments_sdk&client_id=Ab_vz3i_xHR0DKE-xHdHojd-R6J-RNYT3yk0xAXJnxXCkXLlU-5qbRQbjj6zzx3NADDNMP55-uotpP9b&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ab_vz3i_xHR0DKE-xHdHojd-R6J-RNYT3yk0xAXJnxXCkXLlU-5qbRQbjj6zzx3NADDNMP55-uotpP9b&locale=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a997e04353e88f40e41584ecfea025d074f355f534874f9dbe04a3bb5a5ca4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-MMRd38K4FQiCUu2kgDatp2/tTZW+EGru+HxhNzZfmJTwXW14' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-MMRd38K4FQiCUu2kgDatp2/tTZW+EGru+HxhNzZfmJTwXW14' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Aug 2024 19:09:37 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: HIT, MISS
paypal-debug-id: f1153392a8f05
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4336
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220149-FRA, cache-fra-etou8220149-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f1153392a8f05-c56346d8bebe232a-01
x-timer: S1722798577.863805,VS0,VE282
etag: W/"2fa1-jxsR74+mGy9/tfIPXuzhzw2WmKM"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 buttons
www.paypal.com/smart/ Frame 22B4 0
0 486ms
473ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_3387652f57_mtk6mdk6mzy&buttonSize=large&customerId=&clientID=Ab_vz3i_xHR0DKE-xHdHojd-R6J-RNYT3yk0xAXJnxXCkXLlU-5qbRQbjj6zzx3NADDNMP55-uotpP9b&clientMetadataID=uid_384f053dba_mtk6mdk6mzy&commit=true&components.0=buttons&currency=USD&debug=false&disableSetCookie=true&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&intent=capture&locale.lang=en&locale.country=US&hasShippingCallback=false&platform=desktop&renderedButtons.0=paypal&sessionID=uid_384f053dba_mtk6mdk6mzy&sdkCorrelationID=f523602dcdb01&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJfdnozaV94SFIwREtFLXhIZEhvamQtUjZKLVJOWVQzeWsweEFYSm54WENrWExsVS01cWJSUWJqajZ6engzTkFERE5NUDU1LXVvdHBQOWImbG9jYWxlPWVuX1VTIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoicmVhY3QtcGF5cGFsLWpzIiwiZGF0YS11aWQiOiJ1aWRfZmhidnRkeG51eWt1bmZidHhyaHRxa2tzdWNvZ2p4In19&sdkVersion=5.0.453&storageID=uid_19c2bb7c3e_mtk6mdk6mzy&supportedNativeBrowser=false&supportsPopups=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ab_vz3i_xHR0DKE-xHdHojd-R6J-RNYT3yk0xAXJnxXCkXLlU-5qbRQbjj6zzx3NADDNMP55-uotpP9b&locale=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.venmo.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.venmo.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 19:09:37 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"73ef0-nQSelkbb9QX9mEbRAqmSF519HSc"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f85152106d3da
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f85152106d3da-19a764f479b5a781-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f85152106d3da-26ce2a3c4532a3c4-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-etou8220058-FRA, cache-fra-etou8220058-FRA
x-timer: S1722798577.911920,VS0,VE465
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame DD5B 3 KB
2 KB 48ms
19ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 19:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e0953c7feefe8
dc: ccg11-origin-www-1.paypal.com
content-length: 1207
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000e0953c7feefe8-86f3c87ec4d932d9-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sun, 04 Aug 2024 20:09:36 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
601 B 250ms
167ms Image
image/gif 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=XADSTEAM%20-%20EMS%20Pulse%20Electric%20Foot%20Massager&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1722798577160&g=-120&completeurl=https%3A%2F%2Ffootmassage.xadsteam.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true

Requested by

Host: footmassage.xadsteam.com
URL: https://footmassage.xadsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sun, 04 Aug 2024 19:09:37 GMT
date: Sun, 04 Aug 2024 19:09:37 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 5d0b69d65e76c
server-timing: "traceparent;desc="00-00000000000000000005d0b69d65e76c-8db8fff3cb9a64c3-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220046-FRA
pragma: no-cache
correlation-id: 5d0b69d65e76c
traceparent: 00-00000000000000000005d0b69d65e76c-66dd96c81bdbf9ad-01
x-timer: S1722798577.240915,VS0,VE159
vary: Accept-Encoding
content-type: image/gif
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 ded1f4d8-0073-4e51-a310-08053eb48383.png
cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/ 11 KB
12 KB 10ms
9ms Other
image/png 2600:9000:2761:a000:11:4a51:5340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopnow.us/files/0b8aff0438617c055eb55f0ba5d226fa/ded1f4d8-0073-4e51-a310-08053eb48383.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2761:a000:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

34b44551be55e5dd01c8610b0c15d1d05685053c8dd5f7f1b53b21aeffeadffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 18:32:22 GMT
x-amz-version-id: y1zNkFq_pEv8fbx_NoZVhJz_SvOX_tT1
via: 1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P8
age: 347835
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11230
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 28 Jul 2024 02:13:34 GMT
server: AmazonS3
etag: "9d3fdbe939d586652255b086c6996507"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: GCrybJyilmJQUiyleFcTSTWC2B74PR5qFVQsjPEC3dzkLFVsgvv14g==

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 196ms
181ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://footmassage.xadsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://footmassage.xadsteam.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 04 Aug 2024 19:09:38 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f930923b45f1f
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f930923b45f1f-1c480ed082841702-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220083-FRA, cache-fra-etou8220083-FRA
x-timer: S1722798578.920141,VS0,VE173

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 974 B
845 B 204ms
202ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ab_vz3i_xHR0DKE-xHdHojd-R6J-RNYT3yk0xAXJnxXCkXLlU-5qbRQbjj6zzx3NADDNMP55-uotpP9b&locale=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

11c48fabc3c93f31212873eabf963e5b12b0aad97c6c071be6d65c8b675f3e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://footmassage.xadsteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 04 Aug 2024 19:09:38 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f930923855b48
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220083-FRA, cache-fra-etou8220083-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f930923855b48-ca7aaf7942ca936d-01
x-timer: S1722798578.102518,VS0,VE196
etag: W/"3ce-kZE8kXPzWmk9aX2mruib4iDUz1o"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://footmassage.xadsteam.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
footmassage.xadsteam.com/	1970-01-20 22:33:29	Name: LAST_PAGE_VIEW_CONTENT Value: true
.xadsteam.com/	1970-01-21 08:09:18	Name: _ga_ESMTRJTQBP Value: GS1.1.1722798576.1.0.1722798576.0.0.0
.xadsteam.com/	1970-01-21 08:09:18	Name: _ga Value: GA1.1.1481883368.1722798577

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apie.shopnow.us
cdn.shopnow.us
footmassage.xadsteam.com
img.fantaskycdn.com
region1.google-analytics.com
t.paypal.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
151.101.129.21
151.101.195.1
192.229.221.25
2001:4860:4802:32::36
2600:9000:2761:a000:11:4a51:5340:93a1
2606:4700::6812:15d3
2a00:1450:4001:82f::2008
52.21.175.127
52.87.116.109
048e5edcd387a4ed0d411b224bba3e50f98aab6e20b31d34a71e10bca5dccfe3
07272720346f726e390358fb3f3c5fc19e0d162ad03b4e29ba61470fb459e7a9
07d63c63474652bf552370826d756bfca0e8d9e7dfef5af3b315ec443f44f31a
0a62fa332592b53d9580a4e68751ea71ff55dda0d4feedcf87baac933010788a
0ec3792a448642943391b88e8a7e898f2c02ecdf7eb33978647e117d63db767a
100b394b4d7f8a33cbc69d2254550cbfd0069d3f369ac5e942bc72f807f9228d
11c48fabc3c93f31212873eabf963e5b12b0aad97c6c071be6d65c8b675f3e17
16c196dad8877888ef61ca44051274a424d092dababe930f8ffbdcc422035420
196d255d4cb63482ececfab69b41f60bccda6c5968ee9754bfa978f68dade954
19a1d76d60c9475920dddbb52136644e97addff18a96fe2beefac6953954a4d1
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
27b76160431be74d9df8b1c389b4d6fe3fcffca9869386650e6ea9e9bb7b96b9
2e7d4e86bde2d32bc010897839e59e0c70a8fad6d8b0946857ab1d213def7766
32720653d5ef94a8d3e880204d20a355ed277397b439f205cd27f8ad3f330575
34a3abbdf4c5eb0154aaa8f0360f08d711fd07325167c78c9056b91dcc2ad752
34b44551be55e5dd01c8610b0c15d1d05685053c8dd5f7f1b53b21aeffeadffa
34bce1959ba6c9c0dff38f6e20f0b62d53aba408bd4174318bd803e0ee52bcae
3a7192640495cf7235f7b0fb036334594b2d069c0050ce51834bd3895ed5a44a
3a997e04353e88f40e41584ecfea025d074f355f534874f9dbe04a3bb5a5ca4d
3ab02fb94335072f56fef643236284709e423a88a6819061bbc6a1cb76e273b9
3d5dd7dd9fcf0f69c2340a91e01e3c58e17b09e295da64378b32488f5ce524f7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45033fcbc26062ba5295f72d13c203abeef97ec69598ff658684908a831a741d
464c1b7f6a2664cd53791e3281866a1bbed88652e762314d5397adeebf8ec32e
480667875b3a2641d41fd844eb0a1f0b3b737b2b9ac178e6e71e0cf403219c03
4b9da7c68a5beb3d468c11f11c4b7b6333f3122869e038daffd782e04c5ca56d
560c1f66f6dd073130ee5bdb3315df177b6f2127cf6a9227286faf4e4e2806c9
5a4862c2e56568021b5eba81a96fc8df79b5a2a212b8e0b9b58a5bbdff61f69d
63eebc9bf4195632c608f4bb2d0fc43308a5f8e616d0e870b0708f958a2eb1c3
6a5cad874b926efc48b9775568c15288abd21ccdc4839e35292bf05db16d1160
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7ba192b848cd5a2057341b0072c66ef3831a0f376e04a8a40122f2ba12010ae1
81238941af336f8eb3b505d08fade8c9511d9a8047ef127632a237fb5fb05a88
853f8abcca7b3f17014e2157b9536225fbc9cf02cdb5dd2474091173343b42c2
8727828c0c9d5797029df20a75c6acc0aaa38132818851b5c92579544a02ca70
8897300fe697970474eb1705824c495be01adc7357f9207644d8ddf5a391d2fe
8e7d1b041c75c1356235e6a0079c1800f2eb5af838b01a6311b3e45f6039762a
9188ec83ea78ce8c8aefde2af0513e841db6341b27c5ffad5ca955782045ce6a
96b60d904e0ed06b27fbb383b5e37fa7037453c58147d681cbb5924100807a5b
97eaa18ff367cd3df4e573a03a3a5c3eb01bdc438b5fab9e151add60ec0ebbcf
9ef455aeb6cf0f68e73c85dae42fa4ca553050980ef019d3646125d16eb89a89
a012e87a9a805de51fce391c277ed48b24f745160445148b9a8ddac6d4ec33ab
a7d379d31dd517198d442430c50220ff290cc36b50d76ad3864e2c41891146ea
a8f508f93d81f66b3875668c748dbea432971d61a7c4066d6874eb1699fc12e0
a9a95e990d325a9d141ff2c473a66daffcc5595c4afcd8bf5bf2335dd2ca81ed
aafba887f5282fff955da0ee12086473cfeb0df540666a8bbff3250cad988ad7
ac617b895f62f1a8611427d9973e371358f52e4c10158a38f016d340759861f9
b03b758514c0de525b7336f51852fb23ef4ac4bec7051384ddec6fe6560cba07
b190696df4c19c9238ce7c3e09129ffeaf203ea6ae64443d6f9edc6be6c32c61
b853253679e6179a96019a0baba0093568a6063b2e8b71538a0818dc6c32bf39
c2e72c9f8c8a15d4b64c091b12172aee8b6daaf3514fb416b09e38cd1cf97acc
c60f6b81dbd46b2cf6f90b54880be1f7a5d50eea75324e3ac7f20c88a0b3a83e
cf4ef9a6a912b0440b77360e0f69264088ece032ebda4a12616f4726622ece6c
d745789482228dbab11cddf48dfb82c12c852bda1f5b1bd595bca4d2437b50c5
db1df2a3942ce6e667f64eee2bb9f20ece8cd4ad895e35b984bae4ebf6259307
dd0351e5e156365cb99bd68a8634563bf1d4dac711092171030522cc08360926
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edf21ac00ec5187db4593e281ec9daaf2259a53d0a331bb7676316b420469ac2
ee127d48b4b7aa5e7aa29123f8e23e60d569a39494d5be69b5162ab1aa683bf4
f0baef142dca374b32fd910adec94e8615ebb6c12df41d1fe7b151e584231d9d
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
f521047966f95404ab99e617c041b8b05d67eb69f35cbfa7c41f198407dbc27a
f5c113a9d6fad4fa0c5cf3dd3af79ac4e9bafcb57e5dee3f783a97b321390f8d
fc76c3780b6e03b74e34a73d24a3c9e19070b10c6d8f5e7faf7100e22d82291b
ffadfe5d1483d671a1b825ee1fe030fd5e7ebaaf652fdefb8f43f7e0dcc38423

footmassage.xadsteam.com Open in urlscan Pro 52.87.116.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

100 %HTTPS

44 %IPv6

7 Domains

9 Subdomains

9 IPs

2 Countries

3109 kBTransfer

4913 kBSize

3 Cookies

1 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

footmassage.xadsteam.com Open in urlscan Pro
52.87.116.109 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

100 %
HTTPS

44 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

3109 kB
Transfer

4913 kB
Size

3
Cookies

74 HTTP transactions
0 data transactions